Embed Notice
HTML Code
Corresponding Notice
- Embed this notice
Palaiologos (kspalaiologos@fedi.absturztau.be)'s status on Sunday, 03-Mar-2024 00:17:51 JSTPalaiologos The reason why we patch most buffer overflow vulnerabilities is not because they're a potential RCE. You can't reliably exploit most of these bugs to get a RCE.Tthe real reason why they're fixed is that they're provide a surface for a DoS attack. There's a negligible difference between a heap buffer overflow leading into a segfault and a panic!("Out of bounds.").